package com.think.teaching.security;

import javax.annotation.Resource;
import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configurers.ResourceServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.token.TokenStore;

import com.think.teaching.security.handle.CustomAuthenticationFailedHandler;
import com.think.teaching.security.handle.CustomAuthenticationSuccessHandler;


@Configuration
@EnableResourceServer
public class CustomResourceServerConfig extends ResourceServerConfigurerAdapter {

	private CustomAuthenticationFailedHandler failedHandler;

	private CustomAuthenticationSuccessHandler successHandler;
	
	@Resource
    private DataSource dataSource;


	@Autowired
	public TokenStore jwtTokenStore;
	@Override
	public void configure(HttpSecurity http) throws Exception {
		http.cors().disable().cors().and().authorizeRequests()
		.antMatchers("/v1/user/**","/v1/user/ilabLogin","/webjars/**","/v2/api-docs","/fileUpload/**", "/swagger-resources/configuration/ui",
                "/swagger-resources","/swagger-resources/configuration/security",
                "/swagger-ui.html","/course/coursebase/**","/v1/open/**","/static/**","/v1/imserver/**")
		.permitAll().anyRequest().authenticated();
	}


	@Override
	public void configure(ResourceServerSecurityConfigurer resources) throws Exception {
		// TODO Auto-generated method stub
		resources.tokenStore(jwtTokenStore);
		
	}

	
}
